Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla Plans Fix For Critical Firefox Vulnerability In Next Release

Posted by Soulskill on from the sooner-than-later dept.

Trailrunner7 writes "A month after an advisory was published detailing a new vulnerability in Firefox, Mozilla said it has received exploit code for the flaw and is planning to patch the weakness on March 30 in the next release of Firefox. Mozilla officials said Thursday that the vulnerability, which was disclosed February 18 by Secunia, is a critical flaw that could result in remote code execution on a vulnerable machine. The vulnerability is in version 3.6 of Firefox."

1 of 140 comments (clear)

  1. Re:OMFG by wizardforce · · Score: 4, Insightful

    Mozilla is aware of the claim of a zero-day in Firefox as posted here: http://secunia.com/advisories/38608/. We cannot confirm the report as we have received no details regarding the reported vulnerability, such as a proof-of-concept or steps to reproduce. We’ve attempted to contact the researcher who discovered the issue but have not received a response.

    Secunia: omfg Firefox has a vulnerability!!!
    Mozilla: ok so what are the specifics?
    Secunia: ...
    Mozilla: Hello?
    Secunia: ...
    Mozilla: Anyone?
    Secunia a few days ago: Right then... here are the details...
    Mozilla: *patched beta*

    --
    Sigs are too short to say anything truly profound so read the above post instead.